Research On Authentication Based Network Admission Control Protocol In Supanet

With the expansion of the Internet scale, the multimedia applications dates which needs high requirement for the QoS also has an increasing proportion. Meanwhile the defects of the too many layers in User-data platform (U-platform) and the low level service quality in the transmission is becomes more and more prominent. In order to fulfill the new requirement of the Internet development, Sichuan Network Communications Key-Lab of Southwest Jiaotong University propose SUPA (Single physical layer User-data switching Platform Architecture) which has a key technique named EPFTS (Ethernet-oriented Physical Frame Timeslot)The Quality of Service System is constituted by the two Service Quality Mechanisms for the signaling & Management platform (S&M-platform) and the User-Data transfer & switching platform (U-platform).As an important part of the SUPANET QoS guarantee, CAC (Call Admission Control) in the S&M- platform is also the first points of the system.Research for network admission control based on the QoS Security has been done by the Lab,and the research focus of this article is to perfect network admission control from the point of User Access Control.It is divided into three parts----Authentication, Authorization and Access Control.When the End System requires a connect to SUPANET, first needs to authenticate the legal identity of the End System, find the access and authorized it to the End System to permit the operation in the purview of the corresponding net resource. Meanwhile the Boundary system will control the data communication of the identified End System. The article discusses the method to divide and grant of the authority and the possible way to achieve the target. The article also define the PDU format of the protocol and finally introduces the signaling transmit of the whole protocol in detail.Finally, Author use OPNET to simulate the scheme which proposed in this paper. In the simulation, the whole process of protocols are simulated, and the results are coincide with prospection, it proves that this protocol is feasible.